General
-
Target
b49d3def0686d947c6d36b1ab3b07a05520dfa2cb27f9228421a2dd20d5aa77f
-
Size
4.2MB
-
Sample
230607-mfbrhshf37
-
MD5
ecab2f9f46b292bbbdbe88c5bf247067
-
SHA1
018931b2f5bdf447311964a8f24be08a651da5ad
-
SHA256
b49d3def0686d947c6d36b1ab3b07a05520dfa2cb27f9228421a2dd20d5aa77f
-
SHA512
b9d468ccbfc9bc7a30c9dc4b566e2172f181413f8c3e9db5a256d334fb34b63dd2c7b7d1d632201b1b110758a3d9f1b272fc48dd59326ce95dbf69def6fb92f2
-
SSDEEP
98304:F7cjpnWTod4g2pxfbBxBg9mIiQMFSS/eeWhS:V4pnQn9xB8w/epU
Static task
static1
Malware Config
Targets
-
Target
b49d3def0686d947c6d36b1ab3b07a05520dfa2cb27f9228421a2dd20d5aa77f
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-